
CompTIA Exam PT0-003 Topic 4 Question 12 Discussion

Actual exam question for CompTIA's PT0-003 exam
Question #: 12
Topic #: 4

Which of the following post-exploitation activities allows a penetration tester to maintain persistent access in a compromised system?

Suggested Answer: A

Maintaining persistent access in a compromised system is a crucial goal for a penetration tester after achieving initial access. Here's an explanation of each option and why creating registry keys is the preferred method:

Creating registry keys (Answer: A):

Advantages: This method is stealthy and can be effective in maintaining access over long periods, especially on Windows systems.

Example: Adding a new entry to the HKLM\Software\Microsoft\Windows\CurrentVersion\Run registry key to execute a malicious script upon system boot.

Installing a bind shell (Option B):

Drawbacks: This method is less stealthy and can be easily detected by network monitoring tools. It also requires an open port, which might be closed or filtered by firewalls.

Executing a process injection (Option C):

Drawbacks: While effective for evading detection, it doesn't inherently provide persistence. The injected code will typically be lost when the process terminates or the system reboots.

Setting up a reverse SSH connection (Option D):

Drawbacks: This method can be useful for maintaining a session but is less reliable for long-term persistence. It can be disrupted by network changes or monitoring tools.

Conclusion: Creating registry keys is the most effective method for maintaining persistent access in a compromised system, particularly in Windows environments, due to its stealthiness and reliability.
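From the defender's side, the Run-key persistence named in the explanation is found by auditing what the key launches. The following is an added example, not part of the original page: it parses `reg query` output for the Run key and flags entries that start from user-writable paths or through script interpreters. The sample output, the entry names and the two heuristics are constructed assumptions to tune per environment.

```python
import re

# Constructed sample: text as printed by
#   reg query HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SAMPLE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    VendorAgent    REG_SZ    "C:\Program Files\Vendor\agent.exe" --tray
    Updater    REG_SZ    powershell.exe -w hidden -File C:\Users\Public\upd.ps1
    Helper    REG_SZ    C:\ProgramData\helper\h.exe
"""

# reg query prints each value as: 4 spaces, name, 4 spaces, type, 4 spaces, data
VALUE_LINE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")

# Heuristics (assumptions, not an exhaustive rule set)
USER_WRITABLE = re.compile(
    r"\\users\\|\\programdata\\|\\temp\\|%temp%|%appdata%|%localappdata%|%public%", re.I)
INTERPRETER = re.compile(
    r"\b(powershell|pwsh|wscript|cscript|mshta|rundll32|regsvr32|cmd)(\.exe)?\b", re.I)

def parse_run_key(text):
    """Return one dict per registry value, tagged with the key it sits under."""
    entries, key = [], None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
            continue
        m = VALUE_LINE.match(line)
        if m and key:
            entries.append({"key": key, **m.groupdict()})
    return entries

def audit(entries, allowlist=()):
    """Return (value name, reasons) for entries that deserve a closer look."""
    findings = []
    for e in entries:
        if e["name"] in allowlist:  # known-good autoruns reviewed earlier
            continue
        reasons = []
        if USER_WRITABLE.search(e["data"]):
            reasons.append("user-writable path")
        if INTERPRETER.search(e["data"]):
            reasons.append("script interpreter / LOLBin")
        if reasons:
            findings.append((e["name"], reasons))
    return findings

if __name__ == "__main__":
    for name, reasons in audit(parse_run_key(SAMPLE)):
        print(f"{name}: {', '.join(reasons)}")
```
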

Contribute your Thoughts:

Hannah
11 days ago
This is a no-brainer, folks. If you want to maintain access, a reverse SSH connection is the way to do it. It's like having a secret backdoor, but with a fancy name.
upvoted 0 times
...
Juan
13 days ago
You know, I was tempted to choose A, but then I remembered that registry keys can be easily detected. Gotta go with the sneakier option, D.
upvoted 0 times
...
Staci
16 days ago
Nah, I'm going with C. Process injection is where it's at for persistent access. More stealthy than a bind shell, in my opinion.
upvoted 0 times
...
Viva
17 days ago
I'd go with B. Installing a bind shell is a classic technique for keeping that foothold in the system.
upvoted 0 times
...
Nicolette
20 days ago
Hmm, I think option D is the way to go. Setting up a reverse SSH connection seems like a solid way to maintain persistent access.
upvoted 0 times
Phuong
2 hours ago
I agree, setting up a reverse SSH connection is a good choice.
upvoted 0 times
...
...
Dorothy
21 days ago
Haha, you know what they say: 'The best way to maintain access is to never lose it in the first place!' But if I had to choose, I'd go with D. Reverse SSH is the way to go, my friends.
upvoted 0 times
...
Lucina
24 days ago
Ah, the age-old question of post-exploitation persistence. I'd have to say D - the reverse SSH connection is the way to go. Gotta love that sneaky remote access!
upvoted 0 times
Gregoria
2 hours ago
I agree, setting up a reverse SSH connection is key for maintaining access.
upvoted 0 times
...
...
Tien
1 month ago
C is interesting, but I'm not sure if process injection is the best long-term solution. I'm leaning towards D as well.
upvoted 0 times
Francine
2 days ago
C) Executing a process injection
upvoted 0 times
...
Leontine
4 days ago
B) Installing a bind shell
upvoted 0 times
...
Dean
18 days ago
A) Creating registry keys
upvoted 0 times
...
...
Judy
1 month ago
I'm torn between B and D. A bind shell or a reverse SSH connection could both work, but I think the reverse SSH might be a bit more subtle.
upvoted 0 times
Arlyne
13 days ago
True, but I think a reverse SSH connection is harder to detect.
upvoted 0 times
...
Stefania
18 days ago
Creating registry keys could also help maintain access.
upvoted 0 times
...
Stefania
19 days ago
Yeah, it's more stealthy than installing a bind shell.
upvoted 0 times
...
Magnolia
29 days ago
I think setting up a reverse SSH connection is the way to go.
upvoted 0 times
...
...
Josephine
2 months ago
I'm not sure, but I think both B) and D) could be used for maintaining persistent access.
upvoted 0 times
...
Mertie
2 months ago
Hmm, I'd go with D. Setting up a reverse SSH connection seems like the most reliable way to maintain access.
upvoted 0 times
Kenneth
29 days ago
I think installing a bind shell could also work well for maintaining access.
upvoted 0 times
...
Edmond
1 month ago
I agree, setting up a reverse SSH connection is a good choice.
upvoted 0 times
...
...
King
2 months ago
I disagree, I believe the correct answer is D) Setting up a reverse SSH connection.
upvoted 0 times
...
Lavina
2 months ago
I think the answer is B) Installing a bind shell.
upvoted 0 times
...
